Dairy Queen Ices Data Breaches with PCI Compliance
Terri Fote was concerned. The increased risks of data breaches as more customers use credit cards for payment was weighing heavily on this Dairy Queen franchisee with five locations in Green Bay, Wisconsin. “We knew that this had to be done,” Fote states. “If a breach would occur, we could lose our entire company.”
Fote needed an affordable, simple, quick and effective PCI-DSS compliance solution. PCI-DSS is the standard developed jointly by the credit card brands. Card accepting merchants are required to comply with these data security standards. Merchants who follow these requirements are less likely to have data breaches from hacking or malicious software, also known as malware, installed on their network. Additionally, she knew that the credit card industry had created guidelines to protect credit cards against data breach.
The challenge was finding a way to quickly implement the standard which has many complex requirements.
The ideal solution for Fote’s Dairy Queen locations would be one that provided a high level of security, minimal effort on her end, and a fixed, affordable level of expense. Fote also wanted an answer that would have little or no impact on her daily business operations.
“I was reading an article in a trade magazine about PCI compliance and Vendor Safe was talked about,” Fote recalls. The provider appealed to Fote for many reasons including cost and the speed of installation. Implementing the Vendor Safe Virtual Private Network (VPN) required less than five minutes of downtime at each retail location. This is because no changes are made to the LAN or WAN and no pre-site survey is required. “The installation took a couple of hours because it had to interface with my POS system,” Fote recalls. “There was no training for the employees. Once it is set up, other than a slight learning curve to get used to it, there are very few issues that arise.”
Fote contacted her franchisor, International Dairy Queen (IDQ), and became a “test” location. “Vendor Safe performed well and I became a national vendor of IDQ,” she notes.
Vendor Safe’s Virtual Private Network (VPN) has enabled additional capabilities such as centralized reporting, unified POS deployment and real-time inventory analysis across all Fote’s stores. If a broadband connection fails, Vendor Safe automatically reestablishes a dial or wireless connection using an automatic failover process. Redundant communications eliminate virtually all credit card communication issues, greatly reducing exposure to overdrawn or invalid credit cards.
Another safety feature is the monitoring and protected remote access. A terminated employee’s access privileges can be revoked immediately from Vendor Safe’s centrally-managed infrastructure. Vendor Safe’s monitoring also delivers insight and control over activity at each location, ensuring that Internet use is limited to business. “The firewall has locked down the Internet browsing capability at the restaurant,” Fote describes. “It makes the chance of acquiring any viruses minimal. It also stops my staff from doing unnecessary browsing that they shouldn’t be doing.”
Since implementing Vendor Safe, Fote admits that she has much more peace of mind. “I definitely don’t worry about a credit card breach ever happening,” she says. “It has made us think about the security of credit card information and have implemented policies in the event that a card is left at our restaurant. We take credit card processing very seriously and making sure that our customers’ data is safe when they come to Dairy Queen.”